
Emulation and Analysis of Software-Defined Networks for the Detection of DDoS Attacks

  • Conference paper
Computer, Communication, and Signal Processing (ICCCSP 2022)

Part of the book series: IFIP Advances in Information and Communication Technology (IFIPAICT, volume 651)

Abstract

Developments in digital infrastructure have made distributed denial of service (DDoS) attacks increasingly widespread. They target large numbers of host machines in organizations and bring down access when users request it. When deployed on a larger scale, such attacks can waste time and resources. The attacks have also become more sophisticated and complex, which has led to the rise of several algorithms and tools in the domain of network security that use Software-Defined Networking (SDN). In this paper, we survey what a DDoS attack is and its different forms, and we use software-defined networking tools such as Mininet and the HPE VAN SDN controller to analyze some basic topologies. Four different topologies were created, namely Single, Linear, Tree and Torus, and experiments were performed to analyze the flow of traffic in these topology networks. From these experiments, the ping statistics in terms of minimum, maximum, average and minimum deviation Round-Trip Time (RTT) in milliseconds were computed for each of the given topologies. The values obtained as ping statistics were tabulated and represented graphically. A visual analysis of the relationship between the number of nodes and the average round-trip time for the three topologies was done graphically. We have compared and analyzed several open-source tools on the basis of their efficiency in detecting the attack. In addition, we have studied several instances of DDoS attacks on organizations, covering the mitigations and steps initiated to withstand the intensity of these attacks.



Corresponding author

Correspondence to Ashwani Prasad.


© 2022 IFIP International Federation for Information Processing

About this paper


Cite this paper

Prasad, S., Prasad, A., Arockiasamy, K., Yuan, X. (2022). Emulation and Analysis of Software-Defined Networks for the Detection of DDoS Attacks. In: Neuhold, E.J., Fernando, X., Lu, J., Piramuthu, S., Chandrabose, A. (eds) Computer, Communication, and Signal Processing. ICCCSP 2022. IFIP Advances in Information and Communication Technology, vol 651. Springer, Cham. https://doi.org/10.1007/978-3-031-11633-9_16


  • DOI: https://doi.org/10.1007/978-3-031-11633-9_16


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-11632-2

  • Online ISBN: 978-3-031-11633-9

  • eBook Packages: Computer Science (R0)
